<?
include 'connect.php';
include 'functions.inc.php';

$action = getHTMLVal("action", "");

if ($action == "saveDemonstration")
	saveDemonstration(false);
elseif ($action == "updateDemonstration")
	saveDemonstration(true);
elseif ($action == "saveParticipant")
	saveParticipant(false);
elseif ($action == "updateParticipant")
	saveParticipant(true);
mysql_close();


/**
 * save a participant to a demonstration from a request and redirect the user to the page of the demonstration
 * Actually, it does not handle the update
 */
function saveParticipant($update) {
	$title = mysql_escape_string(getHTMLVal("title"));
	$manifestation_id = mysql_escape_string(getHTMLVal("manifestation_id"));
	$personaltext = mysql_escape_string(getHTMLVal("personaltext"));	
	$email = mysql_escape_string(getHTMLVal("email"));
	$description = mysql_escape_string(getHTMLVal("description"));
	$lat = mysql_escape_string(getHTMLVal("latitude"));
	$long = mysql_escape_string(getHTMLVal("longitude"));
	$ref_id = mysql_escape_string(getHTMLVal("ref_id"));

/*	if (isParticipantExist($email, $manifestation_id))
	{
		print 'already_exist';
		return;
	}*/

	if ($ref_id == "")
	 $ref_id = "-1";

	$query = "INSERT INTO PARTICIPANT (manifestation_id, email, title, personaltext, latitude, longitude, ref_id) VALUES ($manifestation_id, '$email', '$title', '$personaltext', '$lat', '$long', $ref_id)";

	$id = myExecQuery($query, true);
	if ($id >= 0) {
		setcookie("demonstration_".$manifestation_id, $id);
		header("Location: start.html?id=$manifestation_id") ;
	}
}

function isParticipantExist($email, $manifestation_id){
	$query = "select count(email) from PARTICIPANT where manifestation_id='$manifestation_id' and email='$email'";
	$num = mySelectQuery($query);
	return (($num[0] == 0) ? false : true);
}

/**
 * save a demonstration from a request and redirect the user to the page of this demonstration.
 * 
 * 
 */
function saveDemonstration($update) {
	$shortname = mysql_escape_string(getHTMLVal("shortname"));
	$title = mysql_escape_string(getHTMLVal("title"));
	$description = mysql_escape_string(getHTMLVal("description"));
	$lat = mysql_escape_string(getHTMLVal("latitude"));
	$long = mysql_escape_string(getHTMLVal("longitude"));
	$id = mysql_escape_string(getHTMLVal("id"));

	if($action == "update"){
	  if ($id)
	    $query = "update manifestation SET title='$title', description='$description', latitude='$lat', longitude='$long' where id=$id";
	  else
	    die("id not defined");
	}
	else 
	  $query = "INSERT INTO manifestation (shortname, title, description, latitude, longitude) VALUES ('$shortname', '$title', '$description', '$lat', '$long')";
	 
	$id = myExecQuery($query, true);

	if ($id >= 0)
		header("Location: start.html?id=$id");

}

/**
 * return the last inserted ID if $return_last_insert_id is at true and there is no error
 * 
 * 
 */
function myExecQuery($query, $return_last_insert_id) {
	if (mysql_query($query)) {
		if ($return_last_insert_id)
			return mysql_insert_id();
		return 0;
	} else {
		die("The following query failed:<br>\n".
         "$QUERY<br>\n".
         "MySQL error message: <br>\n".
         mysql_errno().": ".mysql_error()."<br>\n");
	  	return -1;
	}
}

/**
execute a select query and return the result as an array.

return false if there is an error

@param	string	query		Requête SQL
@return	recordset
*/
function mySelectQuery($query) {
	$cur = mysql_unbuffered_query($query);		
	if ($cur) {
		$i = 0;
		$arryRes = array();
		while($res = mysql_fetch_row($cur)) {
			for($j=0; $j<count($res); $j++) {
				$arryRes[$i][strtolower(mysql_field_name($cur, $j))] = $res[$j];		
			}
			$i++;
		}
		
		return $arryRes;
	}
	else
		return false;
}

?>
